You reject generic profiles due to a requirement to have transactions stamped with actual user IDs. And you reject individual user IDs because you don’t want to maintain them.

One requirement or the other has to be dropped if DDM over TCP/IP is used.

Note that DDM over TCP/IP without requiring passwords opens the system to the world (as would running any server without requiring passwords). Near as I can tell, DDM isn’t the appropriate technology for this. Perhaps DRDA/SQL and stored procs would be a better fit. The stored procs might accept an additional parm for job user while the connection itself would be through a generic CurrentUser. You might switch to the current user before running the update. It might be possible to do something similar over DDM, but you might need to invoke a remote program rather than update/access a remote file directly.